Quick contact

Subscribe for updates

* Name

* Email

How Good is Your Current Patch Manager?

Application vulnerabilities pose a significant danger to any organisation. And most of us are at a point where we realise that.

But it’s not enough to know there’s a defence in place. Whether you’re using a bespoke patch management platform or relying on how your own processes come together, it’s important to understand how well you’re doing.

You’ve taken steps to protect your network. But are you really protected?

To find out, consider these four key areas.

1 – How big is the vulnerability database?

Fundamentally, the secret to protecting your network against application vulnerabilities is knowing whenever they occur. With your Microsoft software, it’s easy – just one vendor to keep track of for several of your most critical applications.

But when it comes to third-party software – where the majority of application vulnerabilities are discovered – there are potentially thousands of different vendors to watch.

An automated system will draw on a database of known application vulnerabilities. And the bigger that database is, the better.

Flexera Software’s Advisory and Vulnerability database is the biggest of its kind, covering more than 20,000 applications from third-party vendors. That’s more than anybody else in the industry.

2 – Does your system give you actionable intelligence?

Of course, it’s not just the quantity of information that matters. It’s what it can do to help you secure your network.

A complete threat advisory should tell you:

The attack vectors that attackers could exploit the vulnerability from

The impact of a successful exploit on your infrastructure

How you can mitigate your risk using a patch

Armed with that information, you don’t just know that a vulnerability exists – you know the steps you should take to close the threat vector quickly and efficiently.

So you can be alerted to vulnerable applications, and start taking action right away.

3 – Can you assess criticality and prioritise your patching?

While it’s a good mentality to fix all application vulnerabilities as soon as possible, the reality isn’t quite that easy. As you juggle all your responsibilities, some patches will naturally be applied before others.

An effective patch management system should make you aware of how critical each individual vulnerability is. For the most part, that combines the likelihood of a successful exploit with the potential consequences.

Vendors usually offer their own criticality ratings but, in an attempt to reduce support burdens, these tend to be consistently high.

Flexera Software gives you the advantage of vendor ratings and Flexera Software’s own independent rating, all in the same place. Based on that score, you can apply the most critical patches first to protect your most dangerous points of weakness.

4 – What is your current patch manager missing?

With a suitably sized database, actionable intelligence, and insight into the criticality of different vulnerabilities, a patch management system is theoretically effective.

Posted on Wednesday, April 15th, 2015 at 10:02 - Written by Lee Morton

The Latest from Alpha Gen:

We live in an imperfect world. It’s a place where cyber criminals target unsuspecting businesses to steal data, disrupt services and even extort money. A place where your technology is always under attack and risk is ever-present. Why, then, would anyone expect cyber security to be perfect? Read more...

Recent Articles:

The fundamentals of successful least privilege adoption

Avoid the common pitfalls that get in the way of Least Privilege Adoption with Thycotic’s latest eBook. You’ll get a complete guide to what constitutes best practice and where even the best-intentioned programmes fall apart. Now is the time to make your least privilege implementation a success.

Alpha Generation Distribution Grows Its Vendor Portfolio with Lepide

Alpha Generation Distribution Announces New Partnership with CoSoSys

In a climate of rising compliance and hard-to-manage endpoints, Alpha Generation partners with CoSoSys to bring robust endpoint protection to the UK market.. An established leader in the space, CoSoSys provides Endpoint Protector [...]